Google is set to introduce a novel system aimed at tackling malware issues on Android devices. The forthcoming live threat detection service utilizes Google Play Protect’s on-device artificial intelligence to scrutinize apps for any malicious activities. Unveiled in conjunction with the Google I/O developer conference, this service assesses various indicators linked to an application’s usage of sensitive permissions and its interactions with other applications and services.
Upon detecting any suspicious behavior, Google Play Protect has the capability to forward the app to Google for further evaluation. Additionally, it can alert users who have the potentially harmful app installed and, if necessary, can even disable the app.
This detection mechanism leverages Google’s Private Compute Core, the Android privacy framework introduced in 2022, designed to provide a segregated data processing environment within the Android operating system. The concept behind the Private Compute Core (PCC) is to empower users with control over their data sharing preferences. By integrating the PCC, the new live threat detection feature ensures user protection without the need to collect personal data.
Google has announced plans to deploy a new system on Google Pixel devices later this year, with other manufacturers such as Oppo, Honor, Lenovo, OnePlus, Nothing, Transsion, Sharp, and more expected to follow suit.
The introduction of this service aims to enhance user confidence in downloading and using apps from Google Play. This measure addresses a significant concern among Android users: the desire to avoid downloading malicious software altogether. Ideally, users would prefer that harmful applications be detected and eliminated during the app review process itself. Apple emphasizes its robust app review procedures as a consumer and developer benefit, successfully intercepting numerous malicious apps before they reach the App Store, despite occasional lapses. In a recent communication ahead of its I/O event, Apple highlighted that it had prevented $1.8 billion in fraudulent transactions on the App Store.
Additionally, Google will be implementing live threat detection services and is taking steps to hide one-time passwords from notifications, thereby mitigating a common vector for fraud and spyware. Moreover, the company plans to extend the restricted settings introduced in Android 13. With these changes, apps will now require additional user approvals to gain certain permissions when they are sideloaded onto devices.
